cPanel 74 - Potential spammer feature limited

koda

Well-Known Member
Jan 10, 2014
61
2
8
cPanel Access Level
Root Administrator
It seems features suggested here have been added:
https://features.cpanel.net/topic/mail-sending-limits-per-email-account-rather-than-per-domain_2

Problemi is, if I understood correctly what's in here:
Tweak Settings - Mail - Version 74 Documentation - cPanel Documentation.
That the "potential spammer" flag, with eventual subsequent "action taken" is only issued when exceeding the unique number of recipient per hour.
So all the original request about max hourly limit per account (with automatic blocking) seems to have been skipped. Or did I misundertood the "potential spammer" flag? Does it trigger when hourly email limit per single email addrees is exceeded too? Because this was the feature originally requested in
It seems features suggested here have been added:
https://features.cpanel.net/topic/mail-sending-limits-per-email-account-rather-than-per-domain_2

Thanks
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,909
2,228
463
Hello @koda,

You are correct. It's the total number of emails sent to unique recipients per hour that's monitored instead of the total number of all outgoing emails sent by an email user. This was shown to be a more effective way of detecting SPAM. Are you seeing instances where spammers are sending multiple SPAM emails to the same email address within an hour?

Thank you.
 

koda

Well-Known Member
Jan 10, 2014
61
2
8
cPanel Access Level
Root Administrator
Hallo Michael, thank you for your reply.
Of course not... spammers send to multiple unique addresses, but the problem is the inverse situation, NON spammers send to many non unique addresses as well (mailing lists, "short" lists of contact). An office for example could have a burst of 200-300 unique recipients because is sending an internal notice to employess and such.
Also since the monitoring of the max email per hour per single address is already there if I'm not wrong, and I guess is there to detect potential spammers (which was the reason that originated the feature request), so why not use that monitor to flag potential spammers as well (and consequencial "action taken" of course)?
It's an addition, not an alternative. All the monitors you implemented to detect possible spammers, and that at the moment just send alerts, IMHO should be used to flag users as spammers (that's why they were implemented in the first place)
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,909
2,228
463
Hello @koda,

Thank you for taking the time to provide us with additional feedback.

spammers send to multiple unique addresses, but the problem is the inverse situation, NON spammers send to many non unique addresses as well (mailing lists, "short" lists of contact). An office for example could have a burst of 200-300 unique recipients because is sending an internal notice to employess and such.
While I understand that not all email lists are handled through Mailman, I do want to note that the following case in cPanel & WHM version 74 ensures that emails sent through Mailman are not counted by the script that detects potential spammers:

Fixed case CPANEL-20917: Update eximstats_spam_check to ignore mailman.

Also since the monitoring of the max email per hour per single address is already there if I'm not wrong, and I guess is there to detect potential spammers (which was the reason that originated the feature request), so why not use that monitor to flag potential spammers as well (and consequencial "action taken" of course)?

The Number of unique recipients per hour to trigger potential spammer notification option that was included in cPanel & WHM version 72 differs from the existing mail limiting functionality because it monitors individual email accounts. The existing functionality you are referencing only monitors email on a per-domain basis:

How to Set Email Send Limits - cPanel Knowledge Base - cPanel Documentation

That said, I encourage you to submit a new feature request explaining the value of integrating the additional email rate limit options as part of the script that detects potential spammers:

Submit A Feature Request

Thank you.